Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-1605

Support IPsec via libreswan in nmstate

XMLWordPrintable

    • nmstate-2.2.21-1.el9
    • sst_network_management
    • ssg_networking
    • 17
    • 1
    • False
    • Hide

      None

      Show
      None
    • Yes
    • NMT - RHEL 8.10/9.4 DTM 14
    • Hide
      • As a user I want to configure ipsec policies via nmstate so that communication with certain entities (such as NetApp storage device) is encrypted.
      • As a user I want to configure ipsec policies via nmstate so that all communication is encrypted.

      Acceptance Criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • Verify using PSK
      • Verify using Certs
      • Verify on OCP SNO
      • Verify on OCP MNO
      • Verify with multiple policies
      • Verify with rightsub=0.0.0.0/0

      Definition of Done

      • The implementation meets the acceptance criteria
      • The unit tests and integration tests are written and passed
      • The code is part of a build attached to an errata
      • The code is backported to RHEL-9.2
      Show
      As a user I want to configure ipsec policies via nmstate so that communication with certain entities (such as NetApp storage device) is encrypted. As a user I want to configure ipsec policies via nmstate so that all communication is encrypted. Acceptance Criteria A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed. Verify using PSK Verify using Certs Verify on OCP SNO Verify on OCP MNO Verify with multiple policies Verify with rightsub=0.0.0.0/0 Definition of Done The implementation meets the acceptance criteria The unit tests and integration tests are written and passed The code is part of a build attached to an errata The code is backported to RHEL-9.2
    • Pass
    • Enhancement
    • Hide
      .Nmstate API configures VPN connection based on IPsec configuration

      The Libreswan utility is an implementation of IPsec for configuring VPNs. With this update, by using `nmstatectl`, you can configure IPsec-based authentication types along with configuration modes (tunnel and transport) and network layouts (`host-to-subnet`, `host-to-host`, `subnet-to-subnet`).
      Show
      .Nmstate API configures VPN connection based on IPsec configuration The Libreswan utility is an implementation of IPsec for configuring VPNs. With this update, by using `nmstatectl`, you can configure IPsec-based authentication types along with configuration modes (tunnel and transport) and network layouts (`host-to-subnet`, `host-to-host`, `subnet-to-subnet`).
    • Done

      Goal

      • As a user I want to configure ipsec policies via nmstate so that communication with certain entities (such as NetApp storage device) is encrypted.
      • As a user I want to configure ipsec policies via nmstate so that all communication is encrypted.

      these might happen both in cloud environments and on-prem as well as between cloud and on-perm over public internet.

      the request is originally related to OCP clusters with RHCOS.

      Acceptance Criteria

      A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

      • Verify using PSK
      • Verify using Certs
      • Verify on OCP SNO
      • Verify on OCP MNO
      • Verify with multiple policies
      • Verify with rightsub=0.0.0.0/0

            fge@redhat.com Gris Ge
            ykashtan Yuval Kashtan
            Jan Fiala
            Network Management Team Network Management Team
            Mingyu Shi Mingyu Shi
            Mayur Patil Mayur Patil
            Votes:
            0 Vote for this issue
            Watchers:
            18 Start watching this issue

              Created:
              Updated:
              Resolved: